漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Velociraptor Client ID Spoofing
Vulnerability Description
Due to a bug in the handling of the communication between the client and server, it was possible for one client, already registered with their own client ID, to send messages to the server claiming to come from another client ID. This issue was resolved in Velociraptor 0.6.5-2.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Velocidex Velociraptor 授权问题漏洞
Vulnerability Description
Velocidex Velociraptor是澳大利亚Velocidex公司的一种使用 Velociraptor 查询语言 (VQL) 查询收集基于主机的状态信息的工具。 Velocidex Velociraptor 0.6.5-2之前版本存在授权问题漏洞,该漏洞源于处理客户端和服务器之间的通信的错误,一个已经使用自己的客户端 ID 注册的客户端可能会向服务器发送声称来自另一个客户端 ID 的消息。
CVSS Information
N/A
Vulnerability Type
N/A